
    16 vulnerabilities found for keybase by keybase

    CVE-2022-22779 (GCVE-0-2022-22779)

    Vulnerability from nvd – Published: 2022-02-09 22:05 – Updated: 2024-09-17 00:05
    VLAI
    Title
    Retained exploded messages in Keybase clients for macOS and Windows
    Summary
    The Keybase Clients for macOS and Windows before version 5.9.0 fail to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from a user’s filesystem.
    CWE
    • Improper Enforcement of Behavioral Workflow
    Assigner
    References
    Impacted products
    Date Public
    2022-02-08 00:00
    Credits
    Olivia O'Hara

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:21:49.090Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Keybase Client for macOS",
              "vendor": "Zoom Video Communications Inc",
              "versions": [
                {
                  "lessThan": "5.9.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Keybase Client for Windows",
              "vendor": "Zoom Video Communications Inc",
              "versions": [
                {
                  "lessThan": "5.9.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Olivia O\u0027Hara"
            }
          ],
          "datePublic": "2022-02-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from a user\u2019s filesystem."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Enforcement of Behavioral Workflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-09T22:05:15.000Z",
            "orgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
            "shortName": "Zoom"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
            }
          ],
          "source": {
            "discovery": "USER"
          },
          "title": "Retained exploded messages in Keybase clients for macOS and Windows",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@zoom.us",
              "DATE_PUBLIC": "2022-02-08T12:00:00.000Z",
              "ID": "CVE-2022-22779",
              "STATE": "PUBLIC",
              "TITLE": "Retained exploded messages in Keybase clients for macOS and Windows"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Keybase Client for macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "5.9.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Keybase Client for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "5.9.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Zoom Video Communications Inc"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Olivia O\u0027Hara"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from a user\u2019s filesystem."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Enforcement of Behavioral Workflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://explore.zoom.us/en/trust/security/security-bulletin",
                  "refsource": "MISC",
                  "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
                }
              ]
            },
            "source": {
              "discovery": "USER"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
        "assignerShortName": "Zoom",
        "cveId": "CVE-2022-22779",
        "datePublished": "2022-02-09T22:05:15.143Z",
        "dateReserved": "2022-01-07T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:05:46.594Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34426 (GCVE-0-2021-34426)

    Vulnerability from nvd – Published: 2021-12-14 19:26 – Updated: 2024-09-17 04:09
    VLAI
    Title
    Arbitrary command execution in Keybase Client for Windows
    Summary
    A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the "keybase git lfs-config" command on the command-line. In versions prior to 5.6.0, a malicious actor with write access to a user's Git repository could leverage this vulnerability to potentially execute arbitrary Windows commands on a user's local system.
    CWE
    • Untrusted Search Path
    Assigner
    References
    Impacted products
    Vendor Product Version
    Zoom Video Communications Inc Keybase Client for Windows Affected: unspecified , < 5.6.0 (custom)
    Date Public
    2021-12-14 00:00
    Credits
    RyotaK (https://blog.ryotak.me/)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:12:50.181Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Keybase Client for Windows",
              "vendor": "Zoom Video Communications Inc",
              "versions": [
                {
                  "lessThan": "5.6.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "RyotaK (https://blog.ryotak.me/)"
            }
          ],
          "datePublic": "2021-12-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the \"keybase git lfs-config\" command on the command-line. In versions prior to 5.6.0, a malicious actor with write access to a user\\\u0027s Git repository could leverage this vulnerability to potentially execute arbitrary Windows commands on a user\\\u0027s local system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Untrusted Search Path",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-03T21:07:10.000Z",
            "orgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
            "shortName": "Zoom"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
            }
          ],
          "source": {
            "discovery": "USER"
          },
          "title": "Arbitrary command execution in Keybase Client for Windows",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "Zoom Communications Inc",
              "ASSIGNER": "security@zoom.us",
              "DATE_PUBLIC": "2021-12-14T15:00:00.000Z",
              "ID": "CVE-2021-34426",
              "STATE": "PUBLIC",
              "TITLE": "Arbitrary command execution in Keybase Client for Windows"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Keybase Client for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "5.6.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Zoom Video Communications Inc"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "RyotaK (https://blog.ryotak.me/)"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the \"keybase git lfs-config\" command on the command-line. In versions prior to 5.6.0, a malicious actor with write access to a user\\\u0027s Git repository could leverage this vulnerability to potentially execute arbitrary Windows commands on a user\\\u0027s local system."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Untrusted Search Path"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://explore.zoom.us/en/trust/security/security-bulletin",
                  "refsource": "MISC",
                  "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
                }
              ]
            },
            "source": {
              "discovery": "USER"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
        "assignerShortName": "Zoom",
        "cveId": "CVE-2021-34426",
        "datePublished": "2021-12-14T19:26:03.894Z",
        "dateReserved": "2021-06-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:09:55.829Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34421 (GCVE-0-2021-34421)

    Vulnerability from nvd – Published: 2021-11-11 22:58 – Updated: 2024-09-17 01:41
    VLAI
    Title
    Retained exploded messages in Keybase Clients for Android and iOS
    Summary
    The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fail to properly remove exploded messages initiated by a user if the receiving user places the chat session in the background while the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from the customer's device.
    CWE
    • Cleartext Storage of Sensitive Information
    Assigner
    References
    Impacted products
    Date Public
    2021-11-12 00:00
    Credits
    Olivia O'Hara, John Jackson, Jackson Henry, and Robert Willis

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:12:50.113Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Keybase Client for Android",
              "vendor": "Zoom Video Communications Inc",
              "versions": [
                {
                  "lessThan": "5.8.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Keybase Client for iOS",
              "vendor": "Zoom Video Communications Inc",
              "versions": [
                {
                  "lessThan": "5.8.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Olivia O\u0027Hara, John Jackson, Jackson Henry, and Robert Willis"
            }
          ],
          "datePublic": "2021-11-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the chat session in the background while the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from the customer\u0027s device."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cleartext Storage of Sensitive Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-11T23:06:56.000Z",
            "orgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
            "shortName": "Zoom"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
            }
          ],
          "source": {
            "discovery": "USER"
          },
          "title": "Retained exploded messages in Keybase Clients for Android and iOS",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "Zoom Communications Inc",
              "ASSIGNER": "security@zoom.us",
              "DATE_PUBLIC": "2021-11-12T17:00:00.000Z",
              "ID": "CVE-2021-34421",
              "STATE": "PUBLIC",
              "TITLE": "Retained exploded messages in Keybase Clients for Android and iOS"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Keybase Client for Android",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "5.8.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Keybase Client for iOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "5.8.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Zoom Video Communications Inc"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Olivia O\u0027Hara, John Jackson, Jackson Henry, and Robert Willis"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the chat session in the background while the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from the customer\u0027s device."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cleartext Storage of Sensitive Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://explore.zoom.us/en/trust/security/security-bulletin",
                  "refsource": "MISC",
                  "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
                }
              ]
            },
            "source": {
              "discovery": "USER"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
        "assignerShortName": "Zoom",
        "cveId": "CVE-2021-34421",
        "datePublished": "2021-11-11T22:58:37.355Z",
        "dateReserved": "2021-06-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:41:23.193Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34422 (GCVE-0-2021-34422)

    Vulnerability from nvd – Published: 2021-11-11 22:58 – Updated: 2024-09-17 03:12
    VLAI
    Title
    Path traversal of file names in Keybase Client for Windows
    Summary
    The Keybase Client for Windows before version 5.7.0 contains a path traversal vulnerability when checking the name of a file uploaded to a team folder. A malicious user could upload a file to a shared folder with a specially crafted file name which could allow a user to execute an application which was not intended on their host machine. If a malicious user leveraged this issue with the public folder sharing feature of the Keybase client, this could lead to remote code execution.
    CWE
    • Relative Path Traversal
    Assigner
    References
    Impacted products
    Vendor Product Version
    Zoom Video Communications Inc Keybase Client for Windows Affected: unspecified , < 5.7.0 (custom)
    Date Public
    2021-11-12 00:00
    Credits
    m4t35z

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:12:50.159Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Keybase Client for Windows",
              "vendor": "Zoom Video Communications Inc",
              "versions": [
                {
                  "lessThan": "5.7.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "m4t35z"
            }
          ],
          "datePublic": "2021-11-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Keybase Client for Windows before version 5.7.0 contains a path traversal vulnerability when checking the name of a file uploaded to a team folder. A malicious user could upload a file to a shared folder with a specially crafted file name which could allow a user to execute an application which was not intended on their host machine. If a malicious user leveraged this issue with the public folder sharing feature of the Keybase client, this could lead to remote code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Relative Path Traversal",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-11T22:58:22.000Z",
            "orgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
            "shortName": "Zoom"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
            }
          ],
          "source": {
            "discovery": "USER"
          },
          "title": "Path traversal of file names in Keybase Client for Windows",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "Zoom Communications Inc",
              "ASSIGNER": "security@zoom.us",
              "DATE_PUBLIC": "2021-11-12T17:00:00.000Z",
              "ID": "CVE-2021-34422",
              "STATE": "PUBLIC",
              "TITLE": "Path traversal of file names in Keybase Client for Windows"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Keybase Client for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "5.7.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Zoom Video Communications Inc"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "m4t35z"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Keybase Client for Windows before version 5.7.0 contains a path traversal vulnerability when checking the name of a file uploaded to a team folder. A malicious user could upload a file to a shared folder with a specially crafted file name which could allow a user to execute an application which was not intended on their host machine. If a malicious user leveraged this issue with the public folder sharing feature of the Keybase client, this could lead to remote code execution."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Relative Path Traversal"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://explore.zoom.us/en/trust/security/security-bulletin",
                  "refsource": "MISC",
                  "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
                }
              ]
            },
            "source": {
              "discovery": "USER"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
        "assignerShortName": "Zoom",
        "cveId": "CVE-2021-34422",
        "datePublished": "2021-11-11T22:58:22.996Z",
        "dateReserved": "2021-06-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:12:21.549Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-23827 (GCVE-0-2021-23827)

    Vulnerability from nvd – Published: 2021-02-22 23:07 – Updated: 2024-08-03 19:14
    Summary
    Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the "Explode message/Explode now" functionality. Local filesystem access is needed by the attacker.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T19:14:08.885Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/keybase/client/releases"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://johnjhacking.com/blog/cve-2021-23827/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://hackerone.com/reports/1074930"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the \"Explode message/Explode now\" functionality. Local filesystem access is needed by the attacker."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-22T23:07:21.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/keybase/client/releases"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://johnjhacking.com/blog/cve-2021-23827/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://hackerone.com/reports/1074930"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-23827",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the \"Explode message/Explode now\" functionality. Local filesystem access is needed by the attacker."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/keybase/client/releases",
                  "refsource": "MISC",
                  "url": "https://github.com/keybase/client/releases"
                },
                {
                  "name": "https://johnjhacking.com/blog/cve-2021-23827/",
                  "refsource": "MISC",
                  "url": "https://johnjhacking.com/blog/cve-2021-23827/"
                },
                {
                  "name": "https://hackerone.com/reports/1074930",
                  "refsource": "MISC",
                  "url": "https://hackerone.com/reports/1074930"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-23827",
        "datePublished": "2021-02-22T23:07:21.000Z",
        "dateReserved": "2021-01-11T00:00:00.000Z",
        "dateUpdated": "2024-08-03T19:14:08.885Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-16992 (GCVE-0-2019-16992)

    Vulnerability from nvd – Published: 2019-09-29 23:52 – Updated: 2024-08-05 01:24
    Summary
    The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user's private key to sign a certain cryptocurrency attestation (that an address at keybase.io can be used for Stellar payments to the user), which might be incompatible with a user's personal position on the semantics of an attestation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T01:24:48.745Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://sneak.berlin/20190929/keybase-backdoor/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/keybase/keybase-issues/issues/3583"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user\u0027s private key to sign a certain cryptocurrency attestation (that an address at keybase.io can be used for Stellar payments to the user), which might be incompatible with a user\u0027s personal position on the semantics of an attestation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-09-29T23:52:58.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://sneak.berlin/20190929/keybase-backdoor/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/keybase/keybase-issues/issues/3583"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-16992",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user\u0027s private key to sign a certain cryptocurrency attestation (that an address at keybase.io can be used for Stellar payments to the user), which might be incompatible with a user\u0027s personal position on the semantics of an attestation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://sneak.berlin/20190929/keybase-backdoor/",
                  "refsource": "MISC",
                  "url": "https://sneak.berlin/20190929/keybase-backdoor/"
                },
                {
                  "name": "https://github.com/keybase/keybase-issues/issues/3583",
                  "refsource": "MISC",
                  "url": "https://github.com/keybase/keybase-issues/issues/3583"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-16992",
        "datePublished": "2019-09-29T23:52:58.000Z",
        "dateReserved": "2019-09-29T00:00:00.000Z",
        "dateUpdated": "2024-08-05T01:24:48.745Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-7249 (GCVE-0-2019-7249)

    Vulnerability from nvd – Published: 2019-01-31 08:00 – Updated: 2024-08-04 20:46
    Summary
    In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use (that is, time-of-check to time-of-use, TOCTOU) bugs and would also allow one user of the system (who didn't have root access) to tamper with another's installs.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2019-01-31 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:46:45.971Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://keybase.io/docs/secadv/kb004"
              },
              {
                "name": "106824",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106824"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://hackerone.com/reports/471739"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2019-01-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system (who didn\u0027t have root access) to tamper with another\u0027s installs."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-02-05T10:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://keybase.io/docs/secadv/kb004"
            },
            {
              "name": "106824",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106824"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://hackerone.com/reports/471739"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-7249",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system (who didn\u0027t have root access) to tamper with another\u0027s installs."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://keybase.io/docs/secadv/kb004",
                  "refsource": "MISC",
                  "url": "https://keybase.io/docs/secadv/kb004"
                },
                {
                  "name": "106824",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106824"
                },
                {
                  "name": "https://hackerone.com/reports/471739",
                  "refsource": "MISC",
                  "url": "https://hackerone.com/reports/471739"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-7249",
        "datePublished": "2019-01-31T08:00:00.000Z",
        "dateReserved": "2019-01-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:46:45.971Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-18629 (GCVE-0-2018-18629)

    Vulnerability from nvd – Published: 2018-12-20 22:00 – Updated: 2024-08-05 11:15
    Summary
    An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2018-12-18 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:15:59.944Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://keybase.io/docs/secadv/kb002"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.mirch.io/2018/12/21/cve-2018-18629-keybase-linux-privilege-escalation/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://hackerone.com/reports/426944"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2018-12-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-21T21:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://keybase.io/docs/secadv/kb002"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.mirch.io/2018/12/21/cve-2018-18629-keybase-linux-privilege-escalation/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://hackerone.com/reports/426944"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2018-18629",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://keybase.io/docs/secadv/kb002",
                  "refsource": "CONFIRM",
                  "url": "https://keybase.io/docs/secadv/kb002"
                },
                {
                  "name": "https://blog.mirch.io/2018/12/21/cve-2018-18629-keybase-linux-privilege-escalation/",
                  "refsource": "MISC",
                  "url": "https://blog.mirch.io/2018/12/21/cve-2018-18629-keybase-linux-privilege-escalation/"
                },
                {
                  "name": "https://hackerone.com/reports/426944",
                  "refsource": "MISC",
                  "url": "https://hackerone.com/reports/426944"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-18629",
        "datePublished": "2018-12-20T22:00:00.000Z",
        "dateReserved": "2018-10-23T00:00:00.000Z",
        "dateUpdated": "2024-08-05T11:15:59.944Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-22779 (GCVE-0-2022-22779)

    Vulnerability from cvelistv5 – Published: 2022-02-09 22:05 – Updated: 2024-09-17 00:05
    Title
    Retained exploded messages in Keybase clients for macOS and Windows
    Summary
    The Keybase Clients for macOS and Windows before version 5.9.0 fail to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from a user’s filesystem.
    CWE
    • Improper Enforcement of Behavioral Workflow
    Assigner
    References
    Impacted products
    Date Public
    2022-02-08 00:00
    Credits
    Olivia O'Hara

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:21:49.090Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Keybase Client for macOS",
              "vendor": "Zoom Video Communications Inc",
              "versions": [
                {
                  "lessThan": "5.9.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Keybase Client for Windows",
              "vendor": "Zoom Video Communications Inc",
              "versions": [
                {
                  "lessThan": "5.9.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Olivia O\u0027Hara"
            }
          ],
          "datePublic": "2022-02-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from a user\u2019s filesystem."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Improper Enforcement of Behavioral Workflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-02-09T22:05:15.000Z",
            "orgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
            "shortName": "Zoom"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
            }
          ],
          "source": {
            "discovery": "USER"
          },
          "title": "Retained exploded messages in Keybase clients for macOS and Windows",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@zoom.us",
              "DATE_PUBLIC": "2022-02-08T12:00:00.000Z",
              "ID": "CVE-2022-22779",
              "STATE": "PUBLIC",
              "TITLE": "Retained exploded messages in Keybase clients for macOS and Windows"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Keybase Client for macOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "5.9.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Keybase Client for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "5.9.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Zoom Video Communications Inc"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Olivia O\u0027Hara"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Keybase Clients for macOS and Windows before version 5.9.0 fails to properly remove exploded messages initiated by a user. This can occur if the receiving user switches to a non-chat feature and places the host in a sleep state before the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from a user\u2019s filesystem."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Enforcement of Behavioral Workflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://explore.zoom.us/en/trust/security/security-bulletin",
                  "refsource": "MISC",
                  "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
                }
              ]
            },
            "source": {
              "discovery": "USER"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
        "assignerShortName": "Zoom",
        "cveId": "CVE-2022-22779",
        "datePublished": "2022-02-09T22:05:15.143Z",
        "dateReserved": "2022-01-07T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:05:46.594Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34426 (GCVE-0-2021-34426)

    Vulnerability from cvelistv5 – Published: 2021-12-14 19:26 – Updated: 2024-09-17 04:09
    VLAI
    Title
    Arbitrary command execution in Keybase Client for Windows
    Summary
    A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the "keybase git lfs-config" command on the command-line. In versions prior to 5.6.0, a malicious actor with write access to a user's Git repository could leverage this vulnerability to potentially execute arbitrary Windows commands on a user's local system.
    CWE
    • Untrusted Search Path
    Assigner
    References
    Impacted products
    Vendor Product Version
    Zoom Video Communications Inc Keybase Client for Windows Affected: unspecified , < 5.6.0 (custom)
    Date Public
    2021-12-14 00:00
    Credits
    RyotaK (https://blog.ryotak.me/)

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:12:50.181Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Keybase Client for Windows",
              "vendor": "Zoom Video Communications Inc",
              "versions": [
                {
                  "lessThan": "5.6.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "RyotaK (https://blog.ryotak.me/)"
            }
          ],
          "datePublic": "2021-12-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the \"keybase git lfs-config\" command on the command-line. In versions prior to 5.6.0, a malicious actor with write access to a user\\\u0027s Git repository could leverage this vulnerability to potentially execute arbitrary Windows commands on a user\\\u0027s local system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Untrusted Search Path",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-03T21:07:10.000Z",
            "orgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
            "shortName": "Zoom"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
            }
          ],
          "source": {
            "discovery": "USER"
          },
          "title": "Arbitrary command execution in Keybase Client for Windows",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "Zoom Communications Inc",
              "ASSIGNER": "security@zoom.us",
              "DATE_PUBLIC": "2021-12-14T15:00:00.000Z",
              "ID": "CVE-2021-34426",
              "STATE": "PUBLIC",
              "TITLE": "Arbitrary command execution in Keybase Client for Windows"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Keybase Client for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "5.6.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Zoom Video Communications Inc"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "RyotaK (https://blog.ryotak.me/)"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability was discovered in the Keybase Client for Windows before version 5.6.0 when a user executed the \"keybase git lfs-config\" command on the command-line. In versions prior to 5.6.0, a malicious actor with write access to a user\\\u0027s Git repository could leverage this vulnerability to potentially execute arbitrary Windows commands on a user\\\u0027s local system."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Untrusted Search Path"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://explore.zoom.us/en/trust/security/security-bulletin",
                  "refsource": "MISC",
                  "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
                }
              ]
            },
            "source": {
              "discovery": "USER"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
        "assignerShortName": "Zoom",
        "cveId": "CVE-2021-34426",
        "datePublished": "2021-12-14T19:26:03.894Z",
        "dateReserved": "2021-06-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:09:55.829Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34421 (GCVE-0-2021-34421)

    Vulnerability from cvelistv5 – Published: 2021-11-11 22:58 – Updated: 2024-09-17 01:41
    VLAI
    Title
    Retained exploded messages in Keybase Clients for Android and iOS
    Summary
    The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the chat session in the background while the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from the customer's device.
    CWE
    • Cleartext Storage of Sensitive Information
    Assigner
    References
    Impacted products
    Date Public
    2021-11-12 00:00
    Credits
    Olivia O'Hara, John Jackson, Jackson Henry, and Robert Willis

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:12:50.113Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Keybase Client for Android",
              "vendor": "Zoom Video Communications Inc",
              "versions": [
                {
                  "lessThan": "5.8.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Keybase Client for iOS",
              "vendor": "Zoom Video Communications Inc",
              "versions": [
                {
                  "lessThan": "5.8.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Olivia O\u0027Hara, John Jackson, Jackson Henry, and Robert Willis"
            }
          ],
          "datePublic": "2021-11-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the chat session in the background while the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from the customer\u0027s device."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Cleartext Storage of Sensitive Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-11T23:06:56.000Z",
            "orgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
            "shortName": "Zoom"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
            }
          ],
          "source": {
            "discovery": "USER"
          },
          "title": "Retained exploded messages in Keybase Clients for Android and iOS",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "Zoom Communications Inc",
              "ASSIGNER": "security@zoom.us",
              "DATE_PUBLIC": "2021-11-12T17:00:00.000Z",
              "ID": "CVE-2021-34421",
              "STATE": "PUBLIC",
              "TITLE": "Retained exploded messages in Keybase Clients for Android and iOS"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Keybase Client for Android",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "5.8.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Keybase Client for iOS",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "5.8.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Zoom Video Communications Inc"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Olivia O\u0027Hara, John Jackson, Jackson Henry, and Robert Willis"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the chat session in the background while the sending user explodes the messages. This could lead to disclosure of sensitive information which was meant to be deleted from the customer\u0027s device."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 3.7,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Cleartext Storage of Sensitive Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://explore.zoom.us/en/trust/security/security-bulletin",
                  "refsource": "MISC",
                  "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
                }
              ]
            },
            "source": {
              "discovery": "USER"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
        "assignerShortName": "Zoom",
        "cveId": "CVE-2021-34421",
        "datePublished": "2021-11-11T22:58:37.355Z",
        "dateReserved": "2021-06-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:41:23.193Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-34422 (GCVE-0-2021-34422)

    Vulnerability from cvelistv5 – Published: 2021-11-11 22:58 – Updated: 2024-09-17 03:12
    VLAI
    Title
    Path traversal of file names in Keybase Client for Windows
    Summary
    The Keybase Client for Windows before version 5.7.0 contains a path traversal vulnerability when checking the name of a file uploaded to a team folder. A malicious user could upload a file to a shared folder with a specially crafted file name which could allow a user to execute an application which was not intended on their host machine. If a malicious user leveraged this issue with the public folder sharing feature of the Keybase client, this could lead to remote code execution.
    CWE
    • Relative Path Traversal
    Assigner
    References
    Impacted products
    Vendor Product Version
    Zoom Video Communications Inc Keybase Client for Windows Affected: unspecified , < 5.7.0 (custom)
    Date Public
    2021-11-12 00:00
    Credits
    m4t35z

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:12:50.159Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Keybase Client for Windows",
              "vendor": "Zoom Video Communications Inc",
              "versions": [
                {
                  "lessThan": "5.7.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "m4t35z"
            }
          ],
          "datePublic": "2021-11-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Keybase Client for Windows before version 5.7.0 contains a path traversal vulnerability when checking the name of a file uploaded to a team folder. A malicious user could upload a file to a shared folder with a specially crafted file name which could allow a user to execute an application which was not intended on their host machine. If a malicious user leveraged this issue with the public folder sharing feature of the Keybase client, this could lead to remote code execution."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Relative Path Traversal",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-11T22:58:22.000Z",
            "orgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
            "shortName": "Zoom"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
            }
          ],
          "source": {
            "discovery": "USER"
          },
          "title": "Path traversal of file names in Keybase Client for Windows",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "Zoom Communications Inc",
              "ASSIGNER": "security@zoom.us",
              "DATE_PUBLIC": "2021-11-12T17:00:00.000Z",
              "ID": "CVE-2021-34422",
              "STATE": "PUBLIC",
              "TITLE": "Path traversal of file names in Keybase Client for Windows"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Keybase Client for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "5.7.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Zoom Video Communications Inc"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "m4t35z"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Keybase Client for Windows before version 5.7.0 contains a path traversal vulnerability when checking the name of a file uploaded to a team folder. A malicious user could upload a file to a shared folder with a specially crafted file name which could allow a user to execute an application which was not intended on their host machine. If a malicious user leveraged this issue with the public folder sharing feature of the Keybase client, this could lead to remote code execution."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Relative Path Traversal"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://explore.zoom.us/en/trust/security/security-bulletin",
                  "refsource": "MISC",
                  "url": "https://explore.zoom.us/en/trust/security/security-bulletin"
                }
              ]
            },
            "source": {
              "discovery": "USER"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99b9af0d-a833-4a5d-9e2f-8b1324f35351",
        "assignerShortName": "Zoom",
        "cveId": "CVE-2021-34422",
        "datePublished": "2021-11-11T22:58:22.996Z",
        "dateReserved": "2021-06-09T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:12:21.549Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-23827 (GCVE-0-2021-23827)

    Vulnerability from cvelistv5 – Published: 2021-02-22 23:07 – Updated: 2024-08-03 19:14
    VLAI
    Summary
    Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the "Explode message/Explode now" functionality. Local filesystem access is needed by the attacker.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T19:14:08.885Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/keybase/client/releases"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://johnjhacking.com/blog/cve-2021-23827/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://hackerone.com/reports/1074930"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the \"Explode message/Explode now\" functionality. Local filesystem access is needed by the attacker."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-22T23:07:21.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/keybase/client/releases"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://johnjhacking.com/blog/cve-2021-23827/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://hackerone.com/reports/1074930"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2021-23827",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media (such as private pictures) in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodology within the client, or by utilizing the \"Explode message/Explode now\" functionality. Local filesystem access is needed by the attacker."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/keybase/client/releases",
                  "refsource": "MISC",
                  "url": "https://github.com/keybase/client/releases"
                },
                {
                  "name": "https://johnjhacking.com/blog/cve-2021-23827/",
                  "refsource": "MISC",
                  "url": "https://johnjhacking.com/blog/cve-2021-23827/"
                },
                {
                  "name": "https://hackerone.com/reports/1074930",
                  "refsource": "MISC",
                  "url": "https://hackerone.com/reports/1074930"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-23827",
        "datePublished": "2021-02-22T23:07:21.000Z",
        "dateReserved": "2021-01-11T00:00:00.000Z",
        "dateUpdated": "2024-08-03T19:14:08.885Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-16992 (GCVE-0-2019-16992)

    Vulnerability from cvelistv5 – Published: 2019-09-29 23:52 – Updated: 2024-08-05 01:24
    Summary
    The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user's private key to sign a certain cryptocurrency attestation (that an address at keybase.io can be used for Stellar payments to the user), which might be incompatible with a user's personal position on the semantics of an attestation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T01:24:48.745Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://sneak.berlin/20190929/keybase-backdoor/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/keybase/keybase-issues/issues/3583"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user\u0027s private key to sign a certain cryptocurrency attestation (that an address at keybase.io can be used for Stellar payments to the user), which might be incompatible with a user\u0027s personal position on the semantics of an attestation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-09-29T23:52:58.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://sneak.berlin/20190929/keybase-backdoor/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/keybase/keybase-issues/issues/3583"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-16992",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Keybase app 2.13.2 for iOS provides potentially insufficient notice that it is employing a user\u0027s private key to sign a certain cryptocurrency attestation (that an address at keybase.io can be used for Stellar payments to the user), which might be incompatible with a user\u0027s personal position on the semantics of an attestation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://sneak.berlin/20190929/keybase-backdoor/",
                  "refsource": "MISC",
                  "url": "https://sneak.berlin/20190929/keybase-backdoor/"
                },
                {
                  "name": "https://github.com/keybase/keybase-issues/issues/3583",
                  "refsource": "MISC",
                  "url": "https://github.com/keybase/keybase-issues/issues/3583"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-16992",
        "datePublished": "2019-09-29T23:52:58.000Z",
        "dateReserved": "2019-09-29T00:00:00.000Z",
        "dateUpdated": "2024-08-05T01:24:48.745Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-7249 (GCVE-0-2019-7249)

    Vulnerability from cvelistv5 – Published: 2019-01-31 08:00 – Updated: 2024-08-04 20:46
    Summary
    In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-of-check to time-of-use (TOCTOU) bugs and would also allow one user of the system (who didn't have root access) to tamper with another's installs.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2019-01-31 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T20:46:45.971Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://keybase.io/docs/secadv/kb004"
              },
              {
                "name": "106824",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106824"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://hackerone.com/reports/471739"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2019-01-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system (who didn\u0027t have root access) to tamper with another\u0027s installs."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-02-05T10:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://keybase.io/docs/secadv/kb004"
            },
            {
              "name": "106824",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106824"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://hackerone.com/reports/471739"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-7249",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system (who didn\u0027t have root access) to tamper with another\u0027s installs."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://keybase.io/docs/secadv/kb004",
                  "refsource": "MISC",
                  "url": "https://keybase.io/docs/secadv/kb004"
                },
                {
                  "name": "106824",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106824"
                },
                {
                  "name": "https://hackerone.com/reports/471739",
                  "refsource": "MISC",
                  "url": "https://hackerone.com/reports/471739"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-7249",
        "datePublished": "2019-01-31T08:00:00.000Z",
        "dateReserved": "2019-01-31T00:00:00.000Z",
        "dateUpdated": "2024-08-04T20:46:45.971Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-18629 (GCVE-0-2018-18629)

    Vulnerability from cvelistv5 – Published: 2018-12-20 22:00 – Updated: 2024-08-05 11:15
    Summary
    An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2018-12-18 00:00

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:15:59.944Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://keybase.io/docs/secadv/kb002"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.mirch.io/2018/12/21/cve-2018-18629-keybase-linux-privilege-escalation/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://hackerone.com/reports/426944"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2018-12-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-21T21:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://keybase.io/docs/secadv/kb002"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.mirch.io/2018/12/21/cve-2018-18629-keybase-linux-privilege-escalation/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://hackerone.com/reports/426944"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2018-18629",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://keybase.io/docs/secadv/kb002",
                  "refsource": "CONFIRM",
                  "url": "https://keybase.io/docs/secadv/kb002"
                },
                {
                  "name": "https://blog.mirch.io/2018/12/21/cve-2018-18629-keybase-linux-privilege-escalation/",
                  "refsource": "MISC",
                  "url": "https://blog.mirch.io/2018/12/21/cve-2018-18629-keybase-linux-privilege-escalation/"
                },
                {
                  "name": "https://hackerone.com/reports/426944",
                  "refsource": "MISC",
                  "url": "https://hackerone.com/reports/426944"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-18629",
        "datePublished": "2018-12-20T22:00:00.000Z",
        "dateReserved": "2018-10-23T00:00:00.000Z",
        "dateUpdated": "2024-08-05T11:15:59.944Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }